Remote Code Execution Flaw in Umbraco CMS by Umbraco
CVE-2019-25137
7.2HIGH
What is CVE-2019-25137?
The vulnerability in Umbraco CMS allows authenticated administrators to execute arbitrary code remotely. This occurs through the improper handling of the msxsl:script in xsltSelection, leading to potential unauthorized access. Administrators using versions 4.11.8 to 7.15.10 need to be cautious and apply the necessary patches to secure their installations.
